Past Issues

BuckleySandler LLP’s InfoBytes Blog monitors and reports on news, legal developments and legislative actions affecting the financial services industry. With a focus on issues ranging from fair lending to consumer financial services regulation and the CFPB, InfoBytes Blog is a comprehensive and timely source for in-house counsel and industry executives to stay abreast of developments affecting their industry.

The DOJ, OFAC and the U.S. Postal Inspection Service (USPIS), as part of an effort to stop an international network of mass mailing fraud schemes that target elderly and vulnerable victims, conducted a joint enforcement action against an international payments processor and money services business based in Canada. The agencies alleged that the payment processor engaged in money laundering and mail fraud by knowingly processing payments on behalf of the perpetrators of more than 100 different mail fraud campaigns, collectively involving tens of millions of dollars. OFAC designated the payments processor as a significant transnational criminal organization (TCO) pursuant to Executive Order 13581. OFAC also designated as TCOs a global network of 12 individuals and 24 entities across 18 countries based on their association with the payment processor. As a result of today’s action, all property and interests in property of the designated persons subject to U.S. jurisdiction are blocked, and U.S. persons are prohibited from engaging in transactions with them. Additionally, USPIS obtained a warrant through the Eastern District of New York to seize the funds in a U.S. bank account that was allegedly used to process payments received through fraudulent mailings. According to OFAC, the payment processor “has a nearly 20-year history of knowingly processing payments relating to these fraudulent solicitation schemes, which result in the loss of millions of dollars to U.S. consumers.”

On June 6, the CFPB filed a complaint against a North Dakota-based third-party payment processor and two of its senior executives for alleged violations of the Dodd-Frank Act’s prohibition against unfair acts and practices. Acting on behalf of its clients, the payment processor transferred funds electronically through a network called the Automated Clearing House, and in the process, according to the CFPB, the payment processor “ignored numerous red flags about the transactions they were processing, including repeated consumer complaints, warnings about potential fraud or illegality raised by banks involved in the transactions, unusually high return rates, and state and federal law enforcement actions against their clients.” The CFPB contends that the defendants failed to: (i) heed warnings, including federal and state enforcement actions taken against the defendants’ clients, from banks and consumers regarding potential fraud or unauthorized debits; (ii) adequately monitor and respond to “enormously” high return rates; and (iii) investigate “red flags” throughout its clients’ application processes that “should have caused it to… perform enhanced due diligence prior to accepting a client for processing.” Regarding the individuals’ involvement in the allegedly unlawful activity, the CFPB’s complaint alleges that both engaged in unfair acts and practices by “actively ignoring” a number of red flags associated with the payment processor’s business activities. The CFPB’s complaint seeks monetary relief, injunctive relief, and penalties.

On March 15, the Washington Department of Financial Institutions responded to the Electronic Transactions Association’s (ETA) December 2015 Petition for Declaratory Order, which sought clarification on the statutory definition of “money transmitter” under the Washington Uniform Money Services Act (WUMSA), RCW 19.230.020(9). Specifically, the ETA requested clarification that “money transmitter” excludes payment processors that do not have consumer-facing relationships or receive consumer payments for transmission to a third-party payee or other transferee. The ETA’s petition further requested that the Department issue a declaratory order that the payment processor exclusion in WUMSA “applies to payment processors that act on behalf of merchants, rather than consumers, to facilitate the merchant’s acceptance of credit and debit cards and that such payment processors are not subject to the Act.” The Department declined to issue such an order because the ETA’s petition failed to specifically identify any of its purported 500+ members “by name or as doing business in or having sufficient minimum contacts with Washington State to a degree that would presumptively make them subject to the Division’s authority under WUMSA.” The Department allowed that ETA could resubmit the petition, but also encouraged it to contact the Department’s staff and “have discussions about how best to resolve the alleged ‘uncertainty’ you have addressed.”

On November 18, the FTC announced that it approved, by a 3-1 vote, final amendments to the Telemarketing Sales Rule (TSR) that ban telemarketers from using certain payment methods that are commonly used by scammers. Per the amendments, telemarketers are prohibited from (i) using specific types of checks and “payment orders” that are remotely created by the telemarketer or seller and which permit direct access to consumers’ bank accounts; (ii) receiving payments through traditional “cash-to-cash” money transfers, which allow scammers to easily obtain consumer funds anonymously and without the ability to reverse the transaction; and (iii) accepting as payment “cash reload” mechanisms. The FTC concluded that the aforementioned payment methods constituted abusive practices because they caused or were likely to cause “substantial injury to consumers that is neither reasonably avoidable by consumers nor outweighed by countervailing benefits to consumers or competition.” Finally, according to the FTC, “the amendments address changes in the financial marketplace to ensure consumers remain protected by the TSR’s antifraud provisions, but are narrowly tailored to allow for innovations with respect to other payment methods that are used by legitimate companies.”

On November 10, the DOJ unsealed an indictment against three individuals, Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein, for allegedly orchestrating and committing computer hacking crimes against U.S. financial institutions, brokerage firms, and financial news publishers. According to the DOJ, “these three defendants perpetrated one of the largest thefts of financial-related data in history – making off with the sensitive information of literally thousands” of Americans. The DOJ alleges that, from approximately 2012 to mid-2015, Shalon and Aaaron hacked financial institutions to steal the personal information of more than 100 million customers, and then manipulated the price of certain U.S. publicly traded stocks, seeking to “market the stocks, in a deceptive and misleading manner, to customers of the victim companies whose contact information they had stolen in the intrusion.” Additionally, Shalon engaged in illegal businesses with Orenstein between 2007 and July 2015, allegedly operating (i) unlawful internet gambling businesses; (ii) multinational payment processors for illegal pharmaceutical suppliers, counterfeit and malicious software distributors, and unlawful internet casinos; and (iii) Coin.mx, a Bitcoin exchange company that violated federal anti-money laundering laws. Read more…